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(54) Signal processing device 

(57) The signal processing device 1 00 is composed 
of a CPU 1 for executing instruction sequences for such 
as a routine of verifying a password, a memory 2 for 
storing secret data such as the password and so forth, 
a random signal generation circuit 4 for generating a 
wait signal 3 which is output in order to halt the opera- 
tion of the CPU 1 . Particularly, the CPU 1 is provided 
with a wait signal input terminal 1 a for receiving the wait 
signal 3. When the wait signal 3 is input, the CPU 1 halts 
its operation for a short time such as one to several 
clocks. 



In accordance with the signal processing device, 
the operation of the CPU can be deferred for a short 
time in an arbitrary timing in order to make it difficult to 
analyze the operation of the CPU without incurring sub- 
stantial overhead on the processing time of the internal 
CPU. As a result, it is possible to improve the reliability 
of the signal processing device and enhance the impen- 
etrability against the analysis of the signal processing 
device. 
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Description 

CROSS REFERENCE TO THE RELATED APPUCA- 
HQN 

5 

[0001] The subject application is related to subject 
matter disclosed in the Japanese Patent Application 
No.Heil 1-264537 filed in September 17, 1999 in Japan, 
to which the subject application claims priority under the 
Paris Convention and which is incorporated by refer- w 
ence herein. 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 15 

[0002] The present invention is related to a signal 
processing device provided with a processor (CPU), a 
memory and so forth. In particular, the present invention 
is related to a signal processing device installed within a 20 
security equipment, an encryption device such as an IC 
card (smart card), an electronic lock and so forth. 

2. Description of the Related Art 

25 

[0003] In the prior art technique, a security equip- 
ment such as an encryption device installed within an IC 
card (smart card), an electronic lock and so forth is pro- 
vided generally with a signal processing device having a 
CPU, a memory and so forth for the verification of a 30 
password. 

[0004] The instruction execution cycle times as 
required for executing the respective instructions by 
means of the signal processing device are different from 
each other depending upon the execution types thereof. 35 
Accordingly, a respective instruction is executed at a 
predetermined time point after the signal processing 
device initiates instruction processing so that it is possi- 
ble to analyze the operation of the signal processing 
device relating to the timing of the execution of a partic- ao 
ular instruction, for example, by monitoring the time 
elapsed just after initiating a certain stage of the instruc- 
tion processing triggered by resetting the internal CPU 
or receiving an external signal. 

[0005] Because of this, for example, it becomes as 
possible to determine a particular instruction a predeter- 
mined time period after initiating a certain stage of 
instruction processing by monitoring an internal phe- 
nomenon which can be externally observed. Hence, 
there is a fear that the operation of the signal processing so 
device is analyzed by an unauthorized person. 
[0006] Accordingly, pseudo routines, which are use- 
less and harmless, are inserted into the program routine 
executed by the signal processing device, as means for 
introducing irregularity to the sequence of instructions 55 
as executed in order to deceive the analysis of the oper- 
ation of the signal processing device. 
[0007] More specifically speaking, for example, the 



program routine including the pseudo routine may be 
executed in order to run the pseudo routine between the 
main routine for verifying a password and the internal 
phenomenon which is externally observable. Particu- 
larly, the pseudo routine is repeated between the main 
routine and the internal phenomenon for a variable 
number of times, i.e., the frequency of repetition is 
determined at random for each appearance of the pro- 
gram routine. 

[0008] However, in the prior art technique making 
use of such a pseudo routine, there is a problem that the 
processing time in the signal processing device tends to 
becomes longer. More specifically speaking, while a 
random variation of the order of one to several clocks in 
the processing time is sufficient to obfuscate the inter- 
nal phenomenon under external analysis, several tens 
of clocks are required to run the pseudo routine from the 
main routine. Furthermore, there is substantial over- 
head on the processing time of the signal processing 
device when the pseudo routine is repeated for a plural- 
ity of times. 

[0009] The present invention has been made in 
order to solve the shortcomings as described above. It 
is an object of the present invention therefore to provide 
a signal processing device with an improved reliability 
and an enhanced impenetrability against encryption 
analysis while avoiding substantial overhead on the 
processing time of the signal processing device. 

SUMMARY OF THE INVENTION 

[0010] In order to accomplish the above and other 
objects, when a signal input to a signal processing 
device is processed by a processor, a wait signal is 
transmitted from a random signal generation circuit to 
the processor in a non-periodic manner in order to halt 
the processor at random. The operation state of the 
processor is maintained when haled, and the halted 
operation is continued from the operation state as main- 
tained when resumed. 

[0011] In accordance with the present invention, 
since the operation of the processor can be halted in a 
non-periodic manner, it is possible to prevent the opera- 
tion of the processor from being analyzed by observing 
the internal phenomena of the processor. Particularly, in 
the case of the present invention, substantial overhead 
on the processing time of the signal processing device 
can be avoided by providing a short halting time period 
[0012] Meanwhile, also in accordance with an mod- 
ification of the present invention, the clock signal as 
inputted to the processor can be deferred in a non-peri- 
odic manner. In the case of the modification, it is possi- 
ble to make more implicated patterns of the operation of 
the processor by the combination of deferring the clock 
signal in a non-periodic manner and the wait signal as 
output from the random signal generation circuit also in 
a non-periodic manner. As a result, the analysis of the 
operation of the signal processing device becomes fur- 
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thermore difficult. 

[0013] Also, in accordance with another modifica- 
tion of the present invention, the processor receives a 
password as said signal and matches the password 
against secret data stored in a memory in order to verify s 
whether or not the password is in agreement with the 
secret data. 

[0014] In the case of the modification, it becomes 
possible to make difficult the analysis of the operation 
by externally observing the internal operation while the w 
processor performs signal processing for matching the 
password and the secret data. The reliability of the sig- 
nal processing device can therefore be improved. 

BRIEF DESCRIPTION OF DRAWINGS 15 

[0015] 

Fig.1 is a block diagram showing the configuration 
of a signal processing device in accordance with a 20 
first embodiment of the present invention. 
Fig.2 is a block diagram showing the configuration 
of a signal processing device in accordance with a 
second embodiment of the present invention. 
Fig.3 is an explanatory overview of a security card 25 
in accordance with the third embodiment; in which 
(a) is a top view of the security card; (b) is an 
expanded view of an IC chip; (c) is an exemplary 
modification of the IC chip; and (d) is an external 
view showing a verification device. 30 
Fig.4 is a view for explaining the configuration of a 
memory card in accordance with a fourth embodi- 
ment of the present invention; in which (a) is a block 
diagram showing the internal configuration of of the 
memory card; and (b) is a block diagram showing 35 
an exemplary modification of the memory card. 
Fig.5 is a view for explaining a computer system in 
accordance with the fourth embodiment of the 
present invention; in which (a) is an external view 
showing the computer system; and (b) is a sche- 40 
matic diagram showing the mother board of the 
computer system. 

Fig.6 is a view for explaining a computer system in 
accordance with a fifth embodiment of the present 
invention; in which (a) is a block diagram showing 45 
the mother board; (b) is an expanded view of a 
coprocessor; and (c) is an expanded view of an 
exemplary modification of the coprocessor. 
Fig.7 is a view for explaining the operation of the 
computer system in accordance with the fifth so 
embodiment of the present invention for making a 
digital signature; in which (a) is a schematic dia- 
gram showing a digital signature scheme for use in 
the Internet and (b) is a schematic diagram demon- 
strating the encryption of a digital signature. 55 



DETAILED DESCRIPTION OF FMRnniMPMTQ 
[First Embodiment] 

(Configuration of the Signal Processing Device) 

[0016] Fig. 1 is a block diagram showing the config- 
uration of the signal processing device 100 in accord- 
ance with the first embodiment of the present invention. 
[0017] As illustrated in Fig.1, the signal processing 
device 100 is composed of a CPU 1 for executing 
instruction sequences for such as a routine of verifying 
a password, a memory 2 for storing secret data such as 
the password and so forth, a random signal generation 
circuit 4 for generating a wait signal 3 which is output in 
order to halt the operation of the CPU 1 . 
[0018] The CPU 1 is for example a semiconductor 
integrated circuit for taking control of the entirety of the 
signal processing device 100. When a signal indicative 
of a password is input to, the signal is interpretted and is 
matched against the secret data stored in the memory 2 
by means of the CPU 1 in order to verify whether or not 
the password is in agreement with the secret data and 
output the verification result to an external device. 
[0019] Particularly, the CPU 1 is provided with a 
wait signal input terminal 1 a for receiving the wait signal 
3. When the wait signal 3 is input to the signal process- 
ing device 1 00, the CPU 1 halts its operation for a short 
time such as one to several clocks. 
[0020] The random signal generation circuit 4 is 
located beside the CPU 1 . The random signal genera- 
tion circuit 4 is composed of an integrated circuit such 
as an semiconductor device in order to output the wait 
signal 3 in a non-periodic manner. 

(Operation of the Signal Processing Device) 

[0021] Next, the operation of the signal processing 
device 1 00 will be explained. 

[0022] First, a signal such as a password is input to 
the CPU 1, which serves to process the signal in order 
to verify the signal by comparing it to the secret data 
stored in the memory 2. On the other hand, the wait sig- 
nal is inputted to the CPU 1 from the random signal gen- 
eration circuit 4 with random intervals during processing 
the signal. The CPU 1 then halts its operation for a cer- 
tain period, for example, for one to several clocks. The 
CPU 1 maintains its operation state during the halting 
period. After resuming the operation, the CPU 1 contin- 
ues the process handled just before it halts. When the 
verification of the password is completed, the verifica- 
tion result is output from the CPU 1 . 

(Effects of the signal processing device) 

[0023] In accordance with the signal processing 
device 1 00, the security of the signal processing device 
100 is enhanced by making use of the waiting function 
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provided for the CPU 1 . Namely, in the case of the sig- 
nal processing device 1 00, it takes a different number of 
clocks for a different time of initiating a certain routine to 
execute a particular instruction, and therefore making it 
difficult to analyze the operation of the CPU 1 and 5 
improving the security of the signal processing device 
100. Particularly, since the random signal generation 
circuit 4 in accordance with this embodiment is capable 
of deferring the operation of the CPU 1 only for a short 
time such as for one to several clocks and therefore it is w 
no longer the case that the progress of the task of the 
CPU 1 is substantially delayed. 



[Second Embodiment] 

(Configuration of the Signal Processing Device) 



15 



[0024] Rg.2 is a block diagram showing the config- 
uration of a signal processing device 200 in accordance 
with the second embodiment of the present invention. 20 
The first embodiment of the present invention has been 
described with the CPU of the signal processing device 
which is designed to halt the operation in response to 
the wait signal. However, the second embodiment is 
applicable to a signal processing device equipped with a 25 
CPU which is not provided with such a function. 
[0025] As illustrated in Fig.2, the signal processing 
device 200 is composed generally of a CPU 1 1 for exe- 
cuting instruction sequences for such as a routine of 
verifying a password, a memory 2 for storing secret data 30 
such as the password and so forth, a CPU clock control 
circuit 5 for controlling the supply of clock signals to the 
CPU 1 1 , a random signal generation circuit 4 for gener- 
ating a random signal 3 in order to control the operation 
of the CPU clock control circuit 5. 35 
[0026] The CPU 11 is not provided with the halt 
function responsive to the wait signal unlike the CPU 1 
of the first embodiment. The CPU 1 1 is provided with a 
CPU operating clock signal input terminal 11a through 
which CPU operating clock signal 6 is inputted to the 40 
CPU 11. The CPU 11 is controllably operated with the 
CPU operating clock signal 6 as input from the CPU 
operating clock signal input terminal 1 1 a. 
[0027] When the CPU 1 1 is suspended from being 
supplied with the CPU operating clock signal 6, the 45 
operation of the CPU 1 1 is halted with its internal oper- 
ation state thereof being maintained as it is. When the 
CPU operating clock signal 6 is supplied again to the 
CPU 11, the CPU 11 resumes its operation from the 
internal operation state as maintained. 50 
[0028] The CPU clock control circuit 5 serves to 
control the supply of the CPU operating clock signal the 
CPU 1 1 . Namely, the CPU clock control circuit 5 serves 
to intercept the clock signal 7 to be supplied to the CPU 
1 1 and transfer the clock signal 7 to the clock signal 55 
input terminal 1 1 a of the CPU 1 1 as the CPU operating 
clock signal 6 under the control of the random signal 
from the random signal generation circuit 4. 



[0029] The random signal generation circuit 4 
serves to supply the wait signal 3 to the CPU clock con- 
trol circuit 5 in a non-periodic manner. The random sig- 
nal generation circuit 4 serves to make irregular the 
frequency of the CPU operating clock signal 6 as out- 
putted from the CPU clock control circuit 5 by inputting 
the wait signal to the CPU clock control circuit 5 in a ran- 
dom timing. 

(Operation of the Signal Processing Device) 

[0030] Next, the operation of the signal processing 
device 200 will be explained. 

[0031] First, a signal indicative of a password and 
the like is input to the CPU 11, which serves to process 
the signal in order to verify the signal by comparing it to 
the secret data stored in the memory 2. On the other 
hand, the wait signal is inputted to the CPU 1 1 from the 
random signal generation circuit 4 with random intervals 
in order to defer the CPU operating clock signal 6 in a 
non-periodic manner during processing the signal. The 
CPU 1 1 then halts its operation when deferring the sup- 
ply of the CPU operating clock signal 6. The CPU 11 
maintains its operation state having been taken just 
before it halts. 

[0032] After resuming the supply of the CPU oper- 
ating clock signal 6, the CPU 1 1 resumes and continues 
the halted task from the operation state having been 
maintained just before it halts. The irregular delay inter- 
mittently takes place during signal processing for han- 
dling a password by the signal processing device. 
[0033] After completion of the verification of the 
password by means of the CPU 11, the verification 
result is outputted from the CPU 1 1 . 

(Effects of the Signal Processing Device) 

[0034] In accordance with the signal processing 
device 200, since the clock signal supplied to the CPU 
1 1 is intermittently deferred by means of the CPU clock 
control circuit 5 in a non-periodic manner, the timing of 
the execution of a particular instruction can be modified 
at random for each running of the program routine. For 
this reason, it becomes difficult to analyze the operation 
of the CPU 1 1 and improving the security of the signal 
processing device 200. Particularly, since the random 
signal generation circuit 4 in accordance with this 
embodiment is capable of deferring the operation of the 
CPU 1 1 only for a short time such as for one to several 
clocks and therefore it is no longer the case that the 
progress of the task of the signal processing device 200 
is substantially delayed. 

[Third Embodiment] 

[0035] Fig.3 is a view for explaining a third embodi- 
ment of the present invention. Fig.3(a) is a general over- 
view of a security card 10 in accordance with the third 
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embodiment. Fig.3(a) and Fig.3(b) are block diagrams 
showing the internal structure of an IC chip provided 
within the security card 10. Rg.3(d) is a general over- 
view of a verification device 13 of the security card 10. 
Fig.3(e) and Fig.3(f) are block diagrams showing verifi- 5 
cation circuits each of which is embedded in the verifi- 
cation device 1 3. 

(Configuration of the Security Card) 

10 

[0036] The security card 10 is provided for use in 
the verification of the ID of an individual person and so 
forth. The security card 1 0 is a card made of a plastic or 
the like and equipped with a built-in IC chip 12 as illus- 
trated in Fig.3(a). ; 5 
[0037] The IC chip 12 is composed of a CPU 1 for 
executing instruction sequences for such as a routine of 
verifying secret data and a memory 2 in which the ID of 
the owner of the security card 10 and a random signal 
generation circuit 4 for generating a wait signal 3 with 20 
random intervals. Also, the CPU 1 is connected to con- 
nection terminals 13a and 1 3b for receiving external sig- 
nals. 

[0038J The CPU 1 is an integrated circuit provided 
for taking control of the entirety of the IC chip 12. The 25 
CPU 1 is provided with a wait signal input terminal 1 a for 
receiving the wait signal. When the wait signal is input, 
the CPU 1 halts its operation for a short time such as 
one to several clocks. 

[0039] The random signal generation circuit 4 is 30 
composed of an integrated circuit such as an semicon- 
ductor device in order to output the wait signal 3 in a 
non-periodic manner. 

(Operation of the Security Card) 35. 

[0040] Next, the operation of the security card 10 
will be explained. 

[0041] First, a command signal is input to the CPU 
1 through the connection terminals 13a and 13b. The 40 
CPU 1 then interprets the command signal and, if the 
command signal is valid, the ID stored in the memory 2 
is transmitted to the verification device 33. 
[0042] On the other hand, the wait signal is inputted 
to the CPU 1 from the random signal generation circuit 45 
4 with random intervals during processing the signal. 
The CPU 1 then halts its operation for a certain period, 
for example, for one to several clocks. 
[0043] The CPU 1 maintains its operation state dur- 
ing the halting period. After resuming the operation, the 50 
CPU 1 resumes and continues the halted task from the 
operation state having been maintained just before it 
halts. When the verification of the command signal is 
completed, the verification result is output from the CPU 



(Exemplary Modification of the Security Card) 

[0044] Meanwhile, the IC chip 12 can be replaced 
by an IC chip 12' which is modified as illustrated in 
Fig.3(c). 

[0045] The IC chip 12' is composed of a CPU 1 1 for 
executing instruction sequences for such as a routine 
for verification and the like, a memory 2 for storing an ID, 
a CPU clock control circuit 5 for controlling the supply of 
clock signals to the CPU 1 1 , a random signal generation 
circuit 4 for generating a random signal 3 in order to 
control the operation of the CPU clock control circuit 5. 
[0046] The CPU 11 is not provided with the halt 
function responsive to the wait signal unlike the CPU 1 
of the first embodiment. The CPU 1 1 is controllably 
operated with the the CPU operating clock signal 6. 
[0047] When the CPU 1 1 is suspended from being 
supplied with the CPU operating clock signal 6, the 
operation of the CPU 1 1 is halted with its internal oper- 
ation state thereof being maintained as it is. When the 
CPU operating clock signal 6 is supplied again to the 
CPU 11, the CPU 11 resumes its operation from the 
internal operation state as maintained. 
[0048] The random signal generation circuit 4 
serves to supply the wait signal to the CPU clock control 
circuit 5 in a non-periodic manner. The random signal 
generation circuit 4 serves to make irregular the fre- 
quency of the CPU operating clock signal 6 as outputted 
from the CPU clock control circuit 5 by inputting the wait 
signal to the CPU clock control circuit 5 in a random tim- 
ing. 

[0049] The CPU clock control circuit 5 serves to 
control the supply of the clock signal as input from the 
connection terminals 13c and 13d to the CPU 1 1. The 
CPU clock control circuit 5 serves to intercept the clock 
signal to be supplied to the CPU 1 1 and transfer the 
clock signal to the CPU 1 1 as the CPU operating clock 
signal 6 in a non-periodic manner under the control of 
the random signal from the random signal generation 
circuit 4. 

(Configuration of the Verification Device) 

[0050] Fig.3(d) is an external view showing the ver- 
ification device 33. The security card 10 is read out by 
means of the verification device 33. The verification 
device 33 is provided with a reading device 14 which is 
located in order to make contact with the connection ter- 
minals 13a and 13b for the purpose of reading the 
secret data stored in the memory 2. While the secret 
data is read out in a contact manner in accordance with 
this embodiment, magnetoelectric waves or infrared 
light can be used for the same purpose in a contactless 
manner. 

[0051] The reading device 14 can be designed in a 
conventional manner as long as it is capable of reading 
out and analyzing signals. In particular, in accordance 
with this embodiment, the verification device is also pro- 
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vided with a circuit for functioning to prevent the encryp- 
tion system from being analyzed. 

(Configuration of the Reading Device) 

[0052J Fig.3(e) is a block diagram showing the con- 
figuration of the reading device 1 4 as a decryption pro- 
tecting circuit The decryption protecting circuit is 
composed of a CPU 21 for executing instruction 
sequences for such as a routine for verification and the 
like, a memory 22 for storing the secret data, a random 
signal generation circuit 24 for generating a wait signal 
with random intervals. Also, the CPU 21 is connected to 
connection terminals 23a and 23b for receiving external 
signals. 

[0053] When the security card is to be verified, the 
CPU 21 serves to transmit a read command to the secu- 
rity card and then receives an ID transmitted from the 
security card as a response to the command in order to 
validate the ID. 

(Exemplary Modification of the Reading Device) 

[0054] Meanwhile, the reading device 14 can be 
replaced by a reading device 14' which is modified as 
illustrated in Fig.3(c). The CPU 21 is not provided with 
the halt function responsive to the wait signal. The CPU 
21 is controllably operated with the CPU operating clock 
signal as input. 

[0055] When the CPU 21 is suspended from being 
supplied with the CPU operating clock signal, the oper- 
ation of the CPU 21 is halted with its internal operation 
state thereof being maintained as it is. When the CPU 
operating clock signal is supplied again to the CPU 21, 
the CPU 21 resumes its operation from the internal 
operation state as maintained. 
[0056] The random signal generation circuit 24 
serves to supply the wait signal to the CPU clock control 
circuit 25 in a non-periodic manner. Namely, the random 
signal generation circuit 24 serves to make irregular the 
frequency of the CPU operating clock signal as output- 
ted from the CPU clock control circuit 25 by inputting the 
wait signal to the CPU clock control circuit 25 in a ran- 
dom timing. 

[0057] The CPU clock control circuit 25 serves to 
control the supply of the clock signal as input from the 
connection terminals 23c and 23d to the CPU 21. The 
CPU clock control circuit 25 serves to intercept the clock 
signal to be supplied to the CPU 21 and transfer the 
clock signal to the CPU 21 as the CPU operating clock 
signal under the control of the random signal from the 
random signal generation circuit 24. 

(Operation of the Verification Device) 

[0058] Next, the operation of the verification device 
33 provided with the reading device 14 or 14' will be 
explained in the followings. 



[0059] First, when the security card 1 0 is inserted to 
an insertion slot 33a of the verification device 33, com- 
mand signals are exchanged between the security card 
1 0 and the verification device 33 through the connection 

5 terminals 13a and 13b and the connection terminals 
23a and 23b which are making contact with each other. 
[0060] On the other hand, when the command sig- 
nal is input to the security card 10 through the connec- 
tion terminals 13a and 13b, the CPU 1 serves to 

w interpret the command signal. If the command signal is 
valid, the ID is read out from the memory 2 and transmit- 
ted to the verification device 33. 
[0061 ] The wait signal is inputted to the CPU 1 from 
the random signal generation circuit 4 with random 

15 intervals during processing the signal. The CPU 1 then 
halts its operation for a certain period, for example, for 
one to several clocks in response to the wait signal. The 
CPU 1 maintains its operation state during the halting 
period. After resuming the operation, the CPU 1 

20 resumes and continues the halted task from the opera- 
tion state having been maintained just before it halts. 
[0062] The ID transmitted from the security card 1 0 
is passed through the connection terminals 23a and 
23b of the reading device 14 and verified by means of 

25 the CPU 21 . Also during the process for verification, the 
CPU 21 intermittently halts and resumes its operation at 
random in response to the wait signal given from the 
random signal generation circuit 24. 

30 (Effects) 

[0063] In accordance with the security card 10 and 
the verification device 33 of the third embodiment of the 
present invention, the operation is irregularly halted and 
35 resumed in each of the security card 1 0 and the verifica- 
tion device 33 and therefore it becomes difficult to ana- 
lyze the operation. 



40 



[Fourth Embodiment] 
(Configuration of the Memory Card) 



[0064] Fig.4 is a block diagram showing the config- 
uration of the memory card 20 for use in accordance 
45 with the fourth embodiment of the present invention. 
Fig,4(b) is a block diagram showing the internal config- 
uration of an exemplary modification of the memory 
card. 

[0065] As illustrated in Fig.4(a), the memory card 
so 20 is composed of a CPU 1 for executing instruction 
sequences for such as a routine for verification and the 
like, a memory 2 for storing a start up password for use 
in logging in the system, a random signal generation cir- 
cuit 4 for generating a wait signal 3 which is output in 
55 order to haft the operation of the CPU 1. Also, the CPU 
1 is connected to connection terminals 13a and 13b for 
receiving external signals. 

[0066] The CPU 1 is an integrated circuit provided 
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for taking control of the entirety of the IC chip 12. When 
the wait signal 3 is input, the CPU 1 halts its operation 
for a short time such as one to several clocks. 
[0067] The random signal generation circuit 4 is 
composed of an integrated circuit such as an semicon- 
ductor device in order to output the wait signal 3 in a 
non-periodic manner. 

(Exemplary Modification of the Memory Card) 

[0068] Meanwhile, the memory card can be 
replaced by a memory card 20* which is modified. 
[0069] As illustrated in Fig.4(b), the memory card 
20' is composed of a CPU 1 1 for executing instruction 
sequences for such as a routine for verification and the 
like, a memory 2 for storing the start up password, a 
CPU clock control circuit 5 for controlling the supply of 
clock signals to the CPU 1 1 , a random signal generation 
circuit 4 for generating a random signal in order to con- 
trol the operation of the CPU clock control circuit 5. 
[0070] Unlike the CPU 1, the CPU 11 is not pro- 
vided with the halt function responsive to the wait signal. 
The CPU 1 1 is provided with a CPU operating clock sig- 
nal input terminal 11a through which a CPU operating 
clock signal 6 is inputted to the CPU 1 1 . The CPU 1 1 is 
controllably operated with the CPU operating clock sig- 
nal 6 as input through the CPU operating clock signal 
input terminal 11a. 

[0071] When the CPU 1 1 is suspended from being 
supplied with the CPU operating clock signal 6, the 
operation of the CPU 1 1 is halted with its internal oper- 
ation state thereof being maintained as it is. When the 
CPU operating clock signal 6 is supplied again to the 
CPU 11, the CPU 11 resumes its operation from the 
internal operation state as maintained. 
[0072] The CPU clock control circuit 5 serves to 
control the supply of the clock signal as input through 
the connection terminals 13c and 13d. The CPU clock 
control circuit 5 serves to intercept the clock signal to be 
supplied to the CPU 1 1 and transfer the clock signal as 
the CPU operating clock signal under the control of the 
random signal from the random signal generation circuit 
4. 

[0073] The random signal generation circuit 4 
serves to supply a wait signal 3 to the CPU clock control 
circuit 5 in a non-periodic manner. The random signal 
generation circuit 4 serves to make irregular the fre- 
quency of the CPU operating clock signal 6 as outputted 
from the CPU clock control circuit 5 by inputting the wait 
signal to the CPU clock control circuit 5 in a random tim- 
ing. 

(Verification by the Computer System) 

[0074] Next, the verifying procedure conducted by 
the computer system with the memory card 20 or 20' will 
be explained. Fig.5(a) is an external view showing a 
general purpose computer 30 such as a personal com- 



puter. 

[0075] The computer system 30 is provided with a 
slot 31 into which the memory card 20 or 20' can be 
inserted. 

5 [0076] Fig.5(b) is a block diagram showing a mother 
board 36 of the computer system 30. The mother board 
36 is composed of a main processor unit 31 , a memory 
32 and a hard drive 33 which are connected to each 
other via a bus 34 in the same manner as in a conven- 

70 tionai system. The bus 34 is connected also to an inter- 
face 35 for accommodating the memory card 20 or 20'. 
[0077] At power up of the computer system 30, it is 
necessary to provide the start up password stored in the 
memory card 20 or 20' for use in logging in the system. 

15 The memory card 20 or 20' is inserted to a slot 31 to 
start the use of the computer system 30. The main proc- 
essor unit 31 serves to read the start up password from 
the memory card 20 or 20' when rebooting. If the start 
up password is verified, the main processor unit 31 

20 serves to start the operation of the computer system 30. 
The computer system 30 does not start otherwise. 
[0078] Since the memory card 20 or 20' halts and 
resumes at random during the process of reading the 
start up password and therefore it becomes difficult to 

25 analyze the start up password; 

[Fifth Embodiment] 

[0079] Fig.6 is a view for explaining the fifth embod- 
30 iment of the present invention. Fig.6(a) is a block dia- 
gram showing the configuration of a mother board 36 of 
a computer. 

[0080] The mother board 36 is designed in the 
same manner as that explained in conjunction with the 
35 fifth embodiment with some exceptions including the 
fact that a coprocessor 37 or 37' handling the signal 
processing necessary for encryption/decryption is 
mounted in place of the interface 35 for the memory 
card. 

40 [0081] The coprocessor 37 for encryption/decryp- 
tion is composed of a CPU 1 for executing instruction 
sequences for such as a routine of verification for 
decrypting encrypted data and the like, a memory 2 for 
storing key data for use in decrypting the encrypted 

45 data, a random signal generation circuit 4 for generating 
a wait signal 3 which is output in order to halt the oper- 
ation of the CPU 1 as illustrated in Fig.6(b) which is an 
expanded view. The CPU 1 is connected to the bus 34. 
[0082] The CPU 1 is an integrated circuit for taking 

so control of the entirety of the IC chip 12. When the wait 
signal 3 is input, the CPU 1 halts its operation for a short 
time such as one to several clocks. 
[0083] The random signal generation circuit 4 is 
composed of an integrated circuit such as an semicon- 

55 ductor device in order to output the wait signal 3 in a 
non-periodic manner. 

[0084] The coprocessor 37 for encryption/decryp- 
tion can be replaced by a coprocessor 37' with a modifi- 
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cation. 

[0085] As illustrated in Fig.6(c), the coprocessor 37 
in accordance with the exemplary modification is com- 
posed of a CPU 1 1 for executing instruction sequences 
for such as a routine of verifying a password and the s 
like, a memory 2 for storing data indicative of the key 
data for use decrypting the encrypted data, a CPU clock 
control circuit 5 for controlling the supply of clock signals 
to the CPU 1 1, a random signal generation circuit 4 for 
generating a random signal in order to control the oper- to 
ation of the CPU clock control circuit 5. 
[0086] The CPU 11 is not provided with the halt 
function responsive to the wait signal unlike the CPU 1 
as explained above. The CPU 1 1 is controllably oper- 
ated with the CPU operating clock signal. 75 
[0087] When the CPU 1 1 is suspended from being 
supplied with the CPU operating clock signal, the oper- 
ation of the CPU 21 is halted with its internal operation 
state thereof being maintained as it is. When the CPU 
operating clock signal 6 is supplied again to the CPU 20 
21, the CPU 11 resumes its operation from the internal 
operation state as maintained. 
[0088] The CPU clock control circuit 5 serves to 
control the supply of the clock signal as input from the 
bus 34 to the CPU 1 1 . The CPU clock control circuit 5 25 
serves to intercept the clock signal to be supplied to the 
CPU 1 1 and transfer the clock signal to the CPU 1 1 as 
the CPU operating clock signal 6 under the control of 
the random signal from the random signal generation 
circuit 4. 30 
[0089] The random signal generation circuit 4 
serves to supply the wait signal 3 to the CPU clock con- 
trol circuit 5 in a non-periodic manner. The random sig- 
nal generation circuit 4 serves to make irregular the 
frequency of the CPU operating clock signal 6 as out- 35 
putted from the CPU clock control circuit 5 by inputting 
the wait signal to the CPU clock control circuit 5 in a ran- 
dom timing. 

(Decrypting Process) 40 

[0090] Fig.7 is a view for explaining the operation of 
the system in which a digital signature is made for use 
in the Internet 

[0091 ] As illustrated in Fig.7, a computer system 30 45 
which is used by a user possessing a private key is con- 
nected to a plurality of computer systems 41 to 43 which 
are used by users having the a public key. 
[0092] The digital signature is encrypted by the pri- 
vate key and decrypted by the public key as illustrated in 50 
Fig.7(b). Since the private key is required to make the 
digital signature, only a user possessing the private key 
can make the digital signature. 
[0093] When the user who made the digital signa- 
ture sends a document with the digital signature from 55 
the computer system 30 through the Internet, a third 
person can decrypt the digital signature with the public 
key. The digital signature is encrypted by reading the 



private key stored in the coprocessor 37 or 37' for use in 
the encryption process to be conducted by the main 
processor unit 31. 

[0094] When transferring the private key stored in 
the memory 1 or 11, the main processor unit 31 halts 
and resumes its operation at random in response to the 
wait signal. For this reason, for example, even if an 
unauthorized person tries to get the private key by ana- 
lyzing the operation of the computer system 30, it is dif- 
ficult to perform such an analysis so that the private key 
is effectively protected. 

Claims 

1. A signal processing device for processing a signal 
as input by means of a processor comprising 

a random signal generation circuit for transmit- 
ting a wait signal to said processor in a non- 
periodic manner; wherein 
said processor halts its operation in response 
to said wait signal in a non-periodic manner 
with its operation state being maintained in 
such a state as having been taken just before 
halting and, after resuming; the halted opera- 
tion is continued from said operation state as 
maintained. 

2. A signal processing device for processing a signal 
as input by means of a processor comprising 

a clock signal control circuit for deferring a 
clock signal to be supplied to said processor in 
a non-periodic manner, wherein 
said processor halts its operation while the 
supply of said clock signal is deferred with its 
operation state being maintained in such a 
state as having been just before it halts and, 
after resuming the operation, said processor 
continues the halted operation from said oper- 
ation state having been maintained. 

3. A signal processing device for processing a signal 
as input by means of a processor comprising: 

a clock signal control circuit for deferring a 
clock signal to be supplied to said processor in 
a non-periodic manner; and 
a random signal generation circuit for transmit- 
ting a wait signal in a non-periodic manner; 
wherein 

said clock signal control circuit serves to defer 
said clock signal in a non-periodic manner in 
response to said wait signal input from said 
random signal generation circuit, and wherein 
said processor halts its operation, while the 
supply of said clock signal is deferred, with its 
operation state being maintained in such a 
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state as having been just before it halts and, 
after resuming the operation, said processor 
continues the halted operation from said oper- 
ation state having been maintained. 

5 

4. The signal processing device as claimed in claim 1 
through claim 3 wherein 

said processor receives a password as said 
signal and matches the password against w 
secret data stored in a memory in order to ver- 
ify whether or not the password is in agreement 
with the secret data. 



ting a wait signal in a non-periodic manner; 
wherein 

said clock signal control circuit serves to defer 
said clock signal in a non-periodic manner in 
response to said wait signal input from said 
random signal generation circuit, and wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming, the halted operation 
is continued from said operation state as main- 
tained. 



5. A security card provided with an IC chip consisting 15 
of: 

a memory element for storing secret data; 
a reading circuit for reading said secret data as 
stored in said memory element; and 20 
a random signal generation circuit for transmit- 
ting a wait signal to said reading circuit in a 
non-periodic manner, wherein 
said reading circuit halts its reading operation 
in response to said wait signal in a non-periodic 25 
manner with the operation state being main- 
tained in such a state as having been taken just 
before it halts and, after resuming, the halted 
operation is continued from said operation 
state as maintained. 30 

6. A security card provided with an IC chip consisting 
of: 

a memory element for storing secret data; 35 
a reading circuit for reading said secret data as 
stored in said memory element; and 
a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 
cuit in a non-periodic manner, wherein 40 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming, the halted operation 45 
is continued from said operation state as main- 
tained. 

7. A security card provided with an IC chip consisting 

of: 50 

a memory element for storing secret data; 
a reading circuit for reading said secret data as 
stored in said memory element; and 
a clock signal control circuit for deferring a 55 
clock signal to be supplied to said reading cir- 
cuit in a non-periodic manner; and 
a random signal generation circuit for transmit- 



8. The security card as claimed in claim 5 through 
claim 7 wherein 

said reading circuit receives a password from 
an external source and matches the password 
against secret data stored in a memory in order 
to verify whether or not the password is in 
agreement with the secret data. 

9. A verification device of the security card in which 
secret data is stored, comprising: 

a reading circuit for reading said secret data as 
stored in said security card; and 
a random signal generation circuit for transmit- 
ting a wait signal to said reading circuit in a 
non-periodic manner, wherein 
said reading circuit halts its reading operation 
in response to said wait signal in a non-periodic 
manner with the operation state being main- 
tained in such a state as having been taken just 
before it halts and, after resuming, the halted 
operation is continued from said operation 
state as maintained. 

10. A verification device of the security card in which 
secret data is stored, comprising: 

a reading circuit for reading said secret data as 
stored in said security card; and 
a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 
cuit in a non -periodic manner, wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming, the halted operation 
is continued from said operation state as main- 
tained. 

11. A verification device of the security card in which 
secret data is stored, comprising: 
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a reading circuit for reading said secret data as 
stored in said security card; 
a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 
cuit in a non-periodic manner; and s 
a random signal generation circuit for transmit- 
ting a wait signal in a non-periodic manner; 
wherein 

said clock signal control circuit serves to defer 
said dock signal in a non-periodic manner in w 
response to said wait signal input from said 
random signal generation circuit, and wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 
with the operation state being maintained in 15 
such a state as having been taken just before it 
halts and, after resuming, the halted operation 
is continued from said operation state as main- 
tained. 

20 

12. The security card as claimed in claim 9 through 
claim 1 1 wherein 

said reading circuit receives a password from 
an external source and matches the password 25 
against secret data stored in said security card 
in order to verify whether or not the password is 
in agreement with the secret data. 

13. A computer system provided with an interface for 30 
reading a security card, said security card compris- 
ing 

a memory element for storing a start up pass- 
word for booting said computer system; . 35 
a reading circuit for reading said start up pass- 
word as stored in said memory element; and 
a random signal generation circuit for transmit- 
ting a wait signal to said reading circuit in a 
non-periodic manner, wherein 40 
said reading circuit halts its reading operation 
in response to said wait signal in a non-periodic 
manner with the operation state being main- 
tained in such a state as having been taken just 
before it halts and, after resuming, the halted 45 
operation is continued from said operation 
state as maintained, and wherein 
if the start up password is valid, said computer 
system starts its operation. 

50 

14. A computer system provided with an interface for 
reading a security card, said security card compris- 
ing 

a memory element for storing a start up pass- 55 
word for booting said computer system; 
a reading circuit for reading said start up pass- 
word as stored in said memory element; and 



a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 
cuit in a non-periodic manner, wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming, the halted operation 
is continued from said operation state as main- 
tained. 

if the start up password is valid, said computer 
system starts its operation. 

15. A computer system provided with an interface for 
reading a security card, said security card compris- 
ing 

a memory element for storing a start up pass- 
word for booting said computer system; 
a reading circuit for reading said start up pass- 
word as stored in said memory element; 
a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 
cuit in a non-periodic manner; and 
a random signal generation circuit for transmit- 
ting a wait signal in a non-periodic manner; 
wherein 

said clock signal control circuit serves to defer 
said dock signal in a non-periodic manner in 
response to said wait signal input from said 
random signal generation circuit, wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming, the halted operation 
is continued from said operation state as main- 
tained, and wherein 

if the start up password is valid, said computer 
system starts its operation. 

16. The computer system as claimed in claim 13 
through claim 15 wherein 

said reading circuit receives a password from 
said computer system and matches the pass- 
word against secret data stored in said mem- 
ory in order to verify whether or not the 
password is in agreement with the secret data, 
and wherein 

if the start up password is valid, said computer 
system starts its operation. 

17. A computer system provided with a coprocessor 
consisting of: 

a memory element for storing key data for use 
in decrypting encrypted data; 
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a reading circuit for reading said key data 
stored in said memory element; and 
a random signal generation circuit for transmit- 
ting a wait signal to said reading circuit in a 
non-periodic manner; wherein s 
said reading circuit halts its reading operation 
in response to said wait signal in a non-periodic 
manner with the operation state being main- 
tained in such a state as having been taken just 
before it halts and, after resuming, the halted 10 
operation is continued from said operation 
state as maintained. 

18. A computer system provided with a coprocessor 
consisting of: rs 

a memory element for storing key data for use 
in decrypting encrypted data; 
a reading circuit for reading said key data 
stored in said memory element; and 20 
a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 
cuit in a non-periodic manner, wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred 25 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming resuming, the halted 
operation is continued from said operation 
state as maintained. 30 

19. A computer system provided with a coprocessor 
consisting of: 

a memory element for storing key data for use 35 
in decrypting encrypted data; 
a reading circuit for reading said key data 
stored in said memory element; and 
a clock signal control circuit for deferring a 
clock signal to be supplied to said reading cir- 40 
cuit in a non-periodic manner; 
a random signal generation circuit for transmit- 
ting a wait signal in a non-periodic manner; 
wherein 

said clock signal control circuit serves to defer 45 
said clock signal in a non-periodic manner in 
response to said wait signal input from said 
random signal generation circuit, and wherein 
said reading circuit halts its reading operation 
while the supply of said clock signal is deferred so 
with the operation state being maintained in 
such a state as having been taken just before it 
halts and, after resuming resuming, the halted 
operation is continued from said operation 
state as maintained. 55 

20. The computer system as claimed in claim 17 
through claim 19 wherein 



said reading circuit receives a password from 
said computer system and matches the pass- 
word against the key data stored in said mem- 
ory in order to verify whether or not the 
password is in agreement with the key data, 
and wherein 

if the password is in agreement with the key 
data, the encrypted data is decrypted. 
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